Staff DevSecOps Engineer

About The Position

Requirements

• 10+ years in DevSecOps, security engineering, or a combination of DevOps, security, and IT roles
• Hands-on experience with cloud infrastructure and security on AWS
• Experience owning or co-owning SOC 2 and HIPAA compliance programs, not just contributing to them
• Experience managing IT operations, including device management, identity and access management, and internal tooling
• A solid foundation in security frameworks and compliance standards, including hands-on familiarity with AI agent risks such as prompt injection, data poisoning, and adversarial inputs. You think proactively about how emerging AI security standards and regulations affect an insurance technology company deploying agents.
• The ability to communicate security risks clearly to non-technical stakeholders and translate compliance requirements into engineering decisions
• The drive to build a security function from the ground up and grow into owning it fully
• Domain curiosity about insurance. You either understand how insurance works or you are genuinely motivated to learn. Security decisions are better when you understand the business they protect.
• Experience working with distributed, remote teams.

Responsibilities

• Own the organization's security posture. Define, implement, and maintain the controls, policies, and practices that keep Counterpart secure across human and agentic interactions.
• Own our SOC 2 Type 2 and HIPAA compliance programs. Manage and automate audits, maintain evidence, and extend our compliance posture as the business and the threat surface grow.
• Stay ahead of emerging threats and regulations. Continuously evaluate our security posture against new attack vectors, including data poisoning, adversarial inputs, and agent hijacking. Track how AI security standards and regulatory requirements are evolving and get ahead of them before they become mandatory.
• Own IT operations end-to-end, from onboarding to offboarding. Manage and automate device procurement and provisioning, access controls, identity management, and the internal tooling stack.
• Own platform infrastructure security as a hands-on member of the DevOps team.
• Build and maintain sandbox architecture that allows safe experimentation without risking production systems.
• Design and implement secure environments for AI agent workloads, including trust boundaries, defenses against prompt injection, data exfiltration, and other unexpected behaviors.

Benefits

• Unlimited Vacation: We offer flexible time off, allowing you to take time when you need it.
• Work from Anywhere: Counterpart is a fully distributed company, meaning there is no office. We allow employees to work from wherever they do their best work, and invite the team to meet in person a couple times per year.
• Stock Options
• Health, Dental, and Vision Coverage
• 401(k) Retirement Plan
• Parental Leave
• Home Office Allowance: to set up your home office with the necessary equipment and accessories.
• Book stipend
• Professional Development Reimbursement
• No working birthdays: Take your birthday off, giving you the opportunity to relax, enjoy your special day, and spend time with loved ones.
• Charitable Contribution Matching